Brill Backs new Trans-Atlantic Data Transfer Mechanism, Passage of US Privacy Laws

decision is an opportunity for a broad, honest, holistic discussion between the U.S. and the European Union on privacy; and (3) privacy discussions on technology need to integrate consumer, law enforcement and national security views. “We should recognize that important protections were lost through the Court’s invalidation of the European Commission’s decision in 2000 to approve safe harbor as a data transfer mechanism,” Brill said in her speech. “And they will continue to be lost if we do not have a durable and protective mechanism for information flow between the U.S. and Europe." Safe harbor’s transparency is unmatched by alternatives, Brill said: “We should create a new data transfer mechanism that strengthens the privacy protections that were in the safe harbor principles.” She said the safe harbor principles -- notice, choice, access, security, use restrictions and “other protections that one would expect from a baseline privacy regime” -- were “very expansive and protective.” Historically, privacy conversations in the U.S. have been largely siloed, Brill said. But as law enforcement asks for access to unencrypted versions of encrypted communications, the “debate has started to chip away at the silos,” Brill said. “Although I believe the U.S. consumer privacy framework is strong and multifaceted, I also believe the U.S. needs to go further with its consumer privacy laws to ensure that we are adequately protecting consumers with respect to these new technologies.” Brill said she supports additional privacy legislation, but she doesn’t believe such legislation is a “prerequisite for a post-Schrems data transfer mechanism.”